Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
582
Views
0
Helpful
1
Replies

CTS Systems and Certificates

Tom Freeland
Level 1
Level 1

‎10-07-2011 06:10 AM - edited ‎03-17-2019 10:32 PM

I am reporting security certificate errors when I do security scans on my CTS systems and am interested in replacing the certificate with an external certificate generated by a Certificate Authority. Does anyone have any experience in replacing the certificate on the CTS systems.

Thanks.

Tom

Labels:
0 Helpful
1 Reply 1

Arun Kumar
Cisco Employee
Cisco Employee

‎10-09-2011 08:31 PM

Hi Tom,

Each CTS comes with a Manufacturing Installed Cert (MIC) that is unique to each system and signed by Cisco's Certificate Authority (CA). If the customer wishes to, they may load a Locally Significant Cert (LSC). The LSC is downloaded by each CTS from the Certificate Authority Proxy Function (CAPF) service running on CallManager. The CAPF can issue two types of LSCs:

1. Signed by the CAPF server (self-signed)

2. Signed by an external CA using the PKCS#10 certificate signing request (CSR) mechanism.

See page 1-16 at http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/6_1_1/secugd/secugd-cm.pdf

HTH

Arun

0 Helpful
Customers Also Viewed These Support Documents